<?php
  /**
   * Copyright 2011 Zazavi - http://www.zazavi.com
   * Zazavi is free software released under the terms of the GNU General Public License.
   * You should have received a copy of the license.  If not, see <http://www.gnu.org/licenses/>.
   */

?>
<?php
  // Installer bootstrap: defines the constants, session and request state
  // used by the rest of this script and by the templates it includes.
  //
  // NOTE(review): nothing visible in this file checks whether the CMS is
  // already installed before the installer runs. Unless functions.php does,
  // confirm the setup directory is removed or blocked after installation.

  // Marker constant; presumably tested by included files to refuse direct
  // access. Confirm against functions.php and the templates.
  define('_VALID_PHP', true);
  require_once('functions.php');

  session_start();

  // Status / error text accumulated by the form handler further down.
  $msg = '';

  // Report every notice and warning. Whether they reach the browser depends
  // on display_errors, which is not set in this file.
  error_reporting(E_ALL);

  define('CMS_DS', DIRECTORY_SEPARATOR);
  define('BASE', dirname(__FILE__));
  // BASE with every occurrence of the substring 'setup' removed.
  define('DDPBASE', str_replace('setup', '', BASE));

  // Directory part of the script URL with '/setup' removed; used further
  // down when rewriting RewriteBase in ../.htaccess.
  $script_path = str_replace('/setup', '', dirname($_SERVER['SCRIPT_NAME']));

  $_SERVER['REQUEST_TIME'] = time();

  // Wizard step from the query string, forced to an integer; 0 when absent.
  $step = 0;
  if (isset($_GET['step'])) {
      $step = (int) $_GET['step'];
  }
  
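  /*
   * Installer form handler, run when the configuration form posts db_action.
   *
   * Steps: validate the required fields, connect to MySQL and select the
   * database, load sql/structure.sql, write the config file, adjust
   * RewriteBase in ../.htaccess, optionally load sql/sampledata.sql, create
   * the administrator account and store the site settings.
   *
   * Every value read from $_POST and $_COOKIE is untrusted. sanitize(),
   * parse_mysql_dump() and writeConfigFile() are defined outside this file.
   *
   * NOTE(review): the SQL statements below rely on sanitize() for escaping.
   * Confirm in functions.php that it escapes for the SQL string context
   * (e.g. mysql_real_escape_string) and not only for HTML.
   */
  if (isset($_POST['db_action'])) {
      // Stays false while the form is valid, becomes a list of error codes otherwise.
      $err = false;

      // These two fields are not required, so they may be missing from the
      // request; default them instead of reading an undefined index.
      $dbpwd = isset($_POST['dbpwd']) ? $_POST['dbpwd'] : '';
      $admin_password = isset($_POST['admin_password']) ? $_POST['admin_password'] : '';
      $admin_password2 = isset($_POST['admin_password2']) ? $_POST['admin_password2'] : '';

      if (empty($_POST['dbhost']))
          $err[] = 1;

      if (empty($_POST['dbuser']))
          $err[] = 2;

      if (empty($_POST['dbname']))
          $err[] = 3;

      if (empty($_POST['admin_username']))
          $err[] = 4;

      if (empty($_POST['admin_password']))
          $err[] = 5;

      // Strict comparison: with != two different numeric-looking strings
      // (such as "1e3" and "1000") compare equal, so a mistyped confirmation
      // could be accepted.
      if ($admin_password !== $admin_password2)
          $err[] = 6;

      if (empty($_POST['site_email']))
          $err[] = 7;

      if (!$err) {
          $link = mysql_connect($_POST['dbhost'], $_POST['dbuser'], $dbpwd);

          $error = false;

          // The server's error text can echo back the submitted host, user
          // or database name, so it is HTML-escaped before going into $msg.
          if (!$link) {
              $error = true;
              $msg = 'Could not connect to MySQL server: ' . htmlspecialchars(mysql_error(), ENT_QUOTES) . '<br />';
          } elseif (!mysql_select_db($_POST['dbname'], $link)) {
              // Only attempted on a live connection; selecting a database on
              // a failed link cannot succeed.
              $error = true;
              $msg .= 'Could not select database ' . sanitize($_POST['dbname']) . ': ' . htmlspecialchars(mysql_error(), ENT_QUOTES);
          }
  /*
          Disabled: drop every existing table before installing. If this is
          ever re-enabled, the database name has to be quoted as an identifier
          instead of being concatenated into the statement.

          if (!$error && isset($_POST['delete_tables'])) {
              $result = mysql_query("SHOW TABLES FROM " . $_POST['dbname']);
              $i = 0;
              $delete = array();
              while ($i < mysql_num_rows($result)) {
                  $name_table = mysql_table_name($result, $i);
                  $delete[] = "`" . $name_table . "`";
                  $i++;
              }
              
              $sql = "DROP TABLE IF EXISTS " . implode(",", $delete);
              if ($result_set = @mysql_query($sql)) {
                  $proceed = true;
              } else {
                  $msg = "There are no tables to delete";
              }
          }
          */
          /** Writing to database **/
          if (!$error) {
              // Double any backtick so the submitted name cannot close the
              // quoted identifier and change the statement.
              $quoted_db = "`" . str_replace("`", "``", $_POST['dbname']) . "`";
              mysql_query("CREATE DATABASE " . $quoted_db . ";");
              mysql_select_db($_POST['dbname']);

              // presumably parse_mysql_dump() clears the global $success on
              // failure; confirm in functions.php
              $success = true;
              parse_mysql_dump("sql/structure.sql");

              if ($success)
                  writeConfigFile($_POST['dbhost'], $_POST['dbuser'], $dbpwd, $_POST['dbname']);

              if ($script_path == "/")
                  $script_path = "";

              // Point RewriteBase and the 404 document at the install path.
              if ($content = @file_get_contents("../.htaccess")) {
                  if (!stristr($content, "RewriteBase " . $script_path . "/")) {
                      $content = str_replace("RewriteBase /", "RewriteBase " . $script_path . "/", $content);
                      $content = str_replace("ErrorDocument 404 /404.php", "ErrorDocument 404 " . $script_path . "/404.php", $content);

                      // Write only if the file is, or can be made, writable.
                      $continue = is_writable("../.htaccess") || @chmod("../.htaccess", 0755);

                      if ($continue) {
                          if ($handle = @fopen("../.htaccess", "w")) {
                              @fwrite($handle, $content);
                              @fclose($handle);
                          }
                          // Tighten the permissions again after the write.
                          @chmod("../.htaccess", 0644);
                      }
                  }
              }
          }

          if (!$error && isset($_POST['install_data'])) {
              $success = true;
              parse_mysql_dump("sql/sampledata.sql");
              if (!$success) {
                  $msg = "Error in adding the sample data<br />
        <em>The installation can continue, but the site will be empty, without any simple information, categories or items.</em>";
              }
          }

          $user = (isset($_POST['admin_username'])) ? $_POST['admin_username'] : "";
          // NOTE(review): sanitize() runs on the password before it is
          // hashed, so whatever it strips or rewrites is not part of the
          // stored hash and the login code has to apply the same step.
          $pass = (isset($_POST['admin_password'])) ? sanitize($_POST['admin_password']) : "";
          // NOTE(review): isset() returns a boolean, so this is 1 whenever
          // the cookie exists, whatever its value. The intent looks like
          // $_COOKIE['modrew'] == "true"; confirm what the pre-install page
          // stores before changing it. The cookie is client-controlled.
          $modrew = (isset($_COOKIE['modrew']) == "true") ? 1 : 0;
          $url = (isset($_POST['site_url'])) ? $_POST['site_url'] : "";
          $sitename = (isset($_POST['site_name'])) ? $_POST['site_name'] : "";
          $company = (isset($_POST['company'])) ? $_POST['company'] : "";
          $site_email = (isset($_POST['site_email'])) ? $_POST['site_email'] : "";

          // Skip the writes when the connection or database selection failed;
          // they cannot succeed and would only emit further warnings.
          if (!$error) {
              // NOTE(review): unsalted SHA-1 is not suitable for password
              // storage. Moving to password_hash()/password_verify() also
              // requires changing the login code, which is outside this
              // file, so the format is left as it is here.
              mysql_query("INSERT INTO `users` (id,username,password,email,created,userlevel,active)
        VALUES ('1','" . sanitize($user) . "','" . sha1($pass) . "','" . sanitize($site_email) . "',NOW(),'9','y')");

              mysql_query("UPDATE `settings` SET 
              site_name = '" . sanitize($sitename) . "', 
              company = '" . sanitize($company) . "', 
              site_url = '" . sanitize($url) . "', 
              site_email = '" . sanitize($site_email) . "', 
              seo ='" . $modrew . "'");
          }

          // Still included on the error path, as before; its contents are
          // not visible from this file.
          include_once("db_replace.php");

          // mysql_close() needs a valid link; $link is false when the
          // connection failed.
          if ($link)
              mysql_close($link);

          // NOTE(review): the finish page is shown only when
          // ../lib/config.inc.php does NOT exist, although writeConfigFile()
          // has just run. The path it writes to is not visible here; confirm
          // this condition is intended.
          if (!$error && !file_exists("../lib/config.inc.php")) {
              cmsHeader();
              include("templates/finish.tpl.php");
              cmsFooter();
              exit;
          }
      }
  }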
?>
<?php
  // Page chrome; cmsHeader() and cmsFooter() are defined outside this file.
  cmsHeader();

  // Render the template for the current wizard step. $step was cast to an
  // integer when it was read from the query string, so anything that is not
  // 0, 1 or 2 lands in the final branch.
  if (!$step) {
      clearstatcache();
      include("templates/pre_install.tpl.php");
  } elseif ($step == 1) {
      include("templates/license.tpl.php");
  } elseif ($step == 2) {
      include("templates/configuration.tpl.php");
  } else {
      echo 'Incorrect step. Please follow installation instructions.';
  }

  cmsFooter();
?>